Date: Sat, 13 Nov 1999 18:24:09 +0100 (MET) From: hm@hcs.de (Hellmuth Michaelis) To: A.Leidinger@WJPServer.CS.Uni-SB.de (Alexander Leidinger) Cc: freebsd-current@FreeBSD.ORG, isdn@FreeBSD.ORG Subject: Re: i4b & security (Re: "man" reads /etc/rc.conf?) Message-ID: <19991113172409.E919738E2@hcswork.hcs.de> In-Reply-To: <199911131029.LAA00904@work.net.local> from Alexander Leidinger at "Nov 13, 99 11:29:23 am"
next in thread | previous in thread | raw e-mail | index | archive | help
From the keyboard of Alexander Leidinger: > >> But with i4b you have to specify a username-password pair in rc.conf > >> (spppconfig_isp0) and I didn_t want to show it to every user (rc.conf > >> is u+rw,g+r,o+r for reasons you mention). > > > > What about /etc/start_if.isp0? > > Yes, with permissions of u+r,go-rwx it_s more secure than the currently > recommended way. > > Hellmuth? Will this be the new official way of configuring i4b? I'm not at all satisfied with the way password arguments to spppcontrol work currently. But before we get to security issues of spppcontrol, i think the sppp issues in i4b (lcp-echo, lcp-loops) have to be resolved (besides other much more basic things such as the hardware drivers). hellmuth -- Hellmuth Michaelis Tel +49 40 559747-70 HCS Hanseatischer Computerservice GmbH Fax +49 40 559747-77 Oldesloer Strasse 97-99 Mail hm [at] hcs.de 22457 Hamburg WWW http://www.hcs.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isdn" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991113172409.E919738E2>